Recently, numerous electric control devices have been adopted in vehicles so as to enhance a driver's safety and convenience. An in-vehicle network generally supports communication among the electric control devices in the vehicle.
However, as the number of electric control devices in the vehicle increases, maintain security of the vehicle becomes a critical issue for driving safety. Accordingly, in order to diagnose a controller for use in a vehicle and/or update data stored in the controller, an authentication process against an external diagnostic device is required.
In a typical authentication process between the controller inside the vehicle and the external diagnostic device, the controller transmits a seed value to the diagnostic device in response to the device's authentication request, and the diagnostic device generates a key value based on the seed value. The generated key value is delivered into the controller, and the controller compares the delivered key value with another key value internally generated based on a predetermined algorithm. If the delivered key value is equal to the internally generated key value, the diagnostic device is allowed to access the controller inside the vehicle.
However, the above-described method using seed-key values utilizes a unique algorithm which should be kept in secret for security. Thus, when the corresponding algorithm is open, leaked, hacked, or known in public, security can be broken.
In U.S. Patent Application Publication No. 2002/0135466, titled “Vehicle Security System and Method,” filed on Feb. 14, 2002 and published on Sep. 26, 2002, a mobile device sends a request message, containing the vehicle identity and device identity, to a remote authentication server via a wireless communication technology. Then, the authentication server performs plural processes for authentication. If the authentication is successful, the mobile device allows the vehicle to be started.
Referring to the Korean Patent No. 10-1216110, titled “Method and System for Distributing Certificate Revocation List for Vehicle Communication, Apparatus for Acquiring Certificate Revocation List thereof,” filed on May 18, 2011 and issued on Dec. 20, 2012, a certificate revocation list (CRL) transmitted from a distribution device for communicating with a vehicle is converted, based on a protocol of multimedia object transfer (MOT) for Terrestrial-Digital Multimedia Broadcasting (T-DMB), into a CRL data which can be transmitted by a device in the vehicle. Then, a broadcasting relay apparatus distributes the converted CRL data via a data broadcasting channel for T-DMB.
In the Japanese Patent Publication No. 2007-196852, titled “Authentication Device, Authentication Method, and Vehicle Control Device,” filed on Jan. 26, 2006 and published on Aug. 9, 2007, an authentication device for use in a vehicle communicates with an available mobile device and acquires authentication information from the mobile device. The acquired authentication information is compared with authentication information registered in the authentication device. If the acquired authentication information is equal to the registered authentication information, the authentication is successful, and a lock of each control unit in the vehicle is released.
However, above-mentioned publications demonstrate how to control the driver's access to a vehicle, not how to authenticate an external diagnostic device to thereby allow access to the vehicle. It is not described how to collect, and analyze, security-related information according to a certificate's rating in order to control access security for use in a vehicle.